MDKSA-2007:174

Problembeschreibung

A stack buffer overflow vulnerability was discovered in the RPC
library used by Kerberos' kadmind program by Tenable Network Security.
A remote unauthenticated user who could access kadmind would be
able to trigger the flaw and cause it to crash (CVE-2007-3999).
This issue is only applicable to Kerberos 1.4 and higher.

Garrett Wollman found an uninitialized pointer vulnerability in
kadmind which a remote unauthenticated attacker able to access
kadmind could exploit to cause kadmind to crash (CVE-2007-4000).
This issue is only applicable to Kerberos 1.5 and higher.